OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

sca-policy message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [sca-policy] Suggested wording for issue 32


Ashok,

I'm just not getting this proposal - I'd appreciate some help in understanding what it really means.

So the new proposal has 2 intents:

serverAuthentication
mutualAuthentication

- and it sounds as if mutualAuthentication includes serverAuthentication - true?

Can you give me an idea of some examples of concrete policies that these would turn into for common
communication protocols such as Web services or JMS?

I can see plenty of support for clients to deliver authentication data to servers (WS-Security mechanisms
for example) but the support for client authentication of servers is less clear to me.  And the tying together
of the two implied by "mutualAuthentication" does not seem obvious from the concrete mechanisms that
I find in WS-Security.


Yours,  Mike.

Strategist - Emerging Technologies, SCA & SDO.
Co Chair OASIS SCA Assembly TC.
IBM Hursley Park, Mail Point 146, Winchester, SO21 2JN, Great Britain.
Phone & FAX: +44-1962-818014    Mobile: +44-7802-467431  
Email:  mike_edwards@uk.ibm.com


From: ashok malhotra <ashok.malhotra@oracle.com>
To: OASIS Policy <sca-policy@lists.oasis-open.org>
Date: 02/12/2008 21:28
Subject: [sca-policy] Suggested wording for issue 32




On the Nov 24 telcon we agreed to resolve issue 32 by replacing the
current "authentication" intent by two intents,
one that specifies server authentication by the client (similar to the
current intent) and the other specifies mutual authentication.

The suggested changes are in the attached file.  In addition to
replacing the single intent by 2 intents, a number of editorial changes
are needed in the examples, etc.
--
All the best, Ashok
[attachment "Changes for issue 32.doc" deleted by Mike Edwards/UK/IBM] ---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php






Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU






[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]